aboutsummaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2014-11-14sasl_sspi: Corrected a couple of comment typosSteve Holme
2014-11-14sasl: Moved Curl_sasl_gssapi_cleanup() definition into header fileSteve Holme
Rather than define the function as extern in the source files that use it, moved the function declaration into the SASL header file just like the Digest and NTLM clean-up functions. Additionally, added a function description comment block.
2014-11-14sasl_sspi: Added missing RFC reference for HTTP Digest authenticationSteve Holme
2014-11-14ntlm: Clean-up and standardisation of base64 decodingSteve Holme
2014-11-14ntlm: We prefer 'CURLcode result'Steve Holme
2014-11-13http2: fix switched macro when http2 is not enabledDaniel Stenberg
2014-11-13http2: Deal with HTTP/2 data inside response header bufferTatsuhiro Tsujikawa
Previously if HTTP/2 traffic is appended to HTTP Upgrade response header (thus they are in the same buffer), the trailing HTTP/2 traffic is not processed and lost. The appended data is most likely SETTINGS frame. If it is lost, nghttp2 library complains server does not obey the HTTP/2 protocol and issues GOAWAY frame and curl eventually drops connection. This commit fixes this problem and now trailing data is processed.
2014-11-10multi: removed Curl_multi_set_easy_connectionDaniel Stenberg
It isn't used anywhere! Reported-by: Carlo Wood
2014-11-10cmake: add ENABLE_THREADED_RESOLVER, rename ARESPeter Wu
Fix detection of the AsynchDNS feature which not just depends on pthreads support, but also on whether USE_POSIX_THREADS is set or not. Caught by test 1014. This patch adds a new ENABLE_THREADED_RESOLVER option (corresponding to --enable-threaded-resolver of autotools) which also needs a check for HAVE_PTHREAD_H. For symmetry with autotools, CURL_USE_ARES is renamed to ENABLE_ARES (--enable-ares). Checks that test for the availability actually use USE_ARES instead as that is the result of whether a-res is available or not (in practice this does not matter as CARES is marked as required package, but nevertheless it is better to write the intent). Signed-off-by: Peter Wu <peter@lekensteyn.nl>
2014-11-09vtls.h: Fixed compiler warning when compiled without SSLSteve Holme
vtls.c:185:46: warning: unused parameter 'data'
2014-11-09ntlm: Added separate SSPI based functionsSteve Holme
In preparation for moving the NTLM message code into the SASL module, and separating the native code from the SSPI code, added functions that simply call the functions in curl_ntlm_msg.c.
2014-11-09http_ntlm: Use the SASL functions insteadSteve Holme
In preparation for moving the NTLM message code into the SASL module use the SASL functions in the HTTP code instead.
2014-11-09libssh2: detect features based on version, not configure checksDaniel Stenberg
... so that non-configure builds get the correct functions too based on the libssh2 version used.
2014-11-09SSH: use the port number as well for known_known checksNobuhiro Ban
... if the libssh2 version is new enough. Bug: http://curl.haxx.se/bug/view.cgi?id=1448
2014-11-09build: Fixed no NTLM support for email when CURL_DISABLE_HTTP is definedSteve Holme
USE_NTLM would only be defined if: HTTP support was enabled, NTLM and cryptography weren't disabled, and either a supporting cryptography library or Windows SSPI was being compiled against. This means it was not possible to build libcurl without HTTP support and use NTLM for other protocols such as IMAP, POP3 and SMTP. Rather than introduce a new SASL pre-processor definition, removed the HTTP prerequisite just like USE_SPNEGO and USE_KRB5. Note: Winbind support still needs to be dependent on CURL_DISABLE_HTTP as it is only available to HTTP at present. This bug dates back to August 2011 when I started to add support for NTLM to SMTP.
2014-11-09ntlm: Removed an unnecessary free of native Target InfoSteve Holme
Due to commit 40ee1ba0dc the free in Curl_ntlm_decode_type2_target() is longer required.
2014-11-09ntlm: Moved the native Target Info clean-up from HTTP specific functionSteve Holme
2014-11-09ntlm: Moved SSPI clean-up code into SASL moduleSteve Holme
2014-11-08Makefile.vc6: Added support for WinIDNSteve Holme
2014-11-07version info: Added Kerberos V5 to the supported featuresSteve Holme
2014-11-07mk-ca-bundle.vbs: switch to new certdata.txt url.Guenter Knauf
2014-11-07http_digest: Fixed some memory leaks introduced in commit 6f8d8131b1Steve Holme
Fixed a couple of memory leaks as a result of moving code that used to populate allocuserpwd and relied on it's clean up.
2014-11-06sasl_sspi: Tidy up of the existing digest codeSteve Holme
Following the addition of SSPI support for HTTP digest, synchronised elements of the email digest code with that of the new HTTP code.
2014-11-06http_digest: Post SSPI support tidy upSteve Holme
Post tidy up to ensure commonality of code style and variable names.
2014-11-06http_digest: Fixed auth retry loop when SSPI based authentication failsSteve Holme
2014-11-06http_digest: Reworked the SSPI based input token storageSteve Holme
Reworked the input token (challenge message) storage as what is passed to the buf and desc in the response generation are typically blobs of data rather than strings, so this is more in keeping with other areas of the SSPI code, such as the NTLM message functions.
2014-11-06sasl_sspi: Fixed compilation warning from commit 2d2a62e3d9Steve Holme
Added void reference to unused 'data' parameter back to fix compilation warning.
2014-11-06sspi: Align definition values to even columns as we use 2 char spacingSteve Holme
2014-11-06sspi: Fixed missing definition of ISC_REQ_USE_HTTP_STYLESteve Holme
Some versions of Microsoft's sspi.h don't define this.
2014-11-06sasl: Removed non-SSPI Digest functions and defines from SSPI based buildsSteve Holme
Introduced in commit 7e6d51a73c these functions and definitions are only required by the internal challenge-response functions now.
2014-11-06sasl_sspi: Added HTTP digest response generation codeSteve Holme
2014-11-06http_digest: Added SSPI based challenge decoding codeSteve Holme
2014-11-06http_digest: Added SSPI based clean-up codeSteve Holme
2014-11-06http_digest: Added SSPI based authentication functionsSteve Holme
This temporarily breaks HTTP digest authentication in SSPI based builds, causing CURLE_NOT_BUILT_IN to be returned. A follow up commit will resume normal operation.
2014-11-06http_digest: Added required SSPI based variables to digest structureSteve Holme
2014-11-05http_digest: Fixed memory leaks from commit 6f8d8131b1Steve Holme
2014-11-05sasl: Fixed compilation warning from commit 25264131e2Steve Holme
Added forward declaration of digestdata to overcome the following compilation warning: warning: 'struct digestdata' declared inside parameter list Additionally made the ntlmdata forward declaration dependent on USE_NTLM similar to how digestdata and kerberosdata are.
2014-11-05sasl: Fixed HTTP digest challenges with spaces between auth parametersSteve Holme
Broken as part of the rework, in commit 7e6d51a73c, to assist with the addition of HTTP digest via Windows SSPI.
2014-11-05http_digest: Fixed compilation errors from commit 6f8d8131b1Steve Holme
error: invalid operands to binary warning: pointer targets in assignment differ in signedness
2014-11-05http_digest: Moved response generation into SASL moduleSteve Holme
2014-11-05http_digest: Moved challenge decoding into SASL moduleSteve Holme
2014-11-05http_digest: Moved clean-up function into SASL moduleSteve Holme
2014-11-05http_digest: Moved algorithm definitions to SASL moduleSteve Holme
2014-11-05ssh: Fixed build on platforms where R_OK is not definedGisle Vanem
Bug: http://curl.haxx.se/mail/lib-2014-11/0035.html Reported-by: Jan Ehrhardt
2014-11-05strdup: Removed irrelevant commentSteve Holme
...as Curl_memdup() duplicates an area of fix size memory, that may be binary, and not a null terminated string.
2014-11-05url.c: Fixed compilation warningSteve Holme
conversion from 'curl_off_t' to 'size_t', possible loss of data
2014-11-05http_digest: Use CURLcode instead of CURLdigestSteve Holme
To provide consistent behaviour between the various HTTP authentication functions use CURLcode based error codes for Curl_input_digest() especially as the calling code doesn't use the specific error code just that it failed.
2014-11-05sspi: Define authentication package name constantsSteve Holme
These were previously hard coded, and whilst defined in security.h, they may or may not be present in old header files given that these defines were never used in the original code. Not only that, but there appears to be some ambiguity between the ANSI and UNICODE NTLM definition name in security.h.
2014-11-05curl_easy_duphandle: CURLOPT_COPYPOSTFIELDS read out of boundsDaniel Stenberg
When duplicating a handle, the data to post was duplicated using strdup() when it could be binary and contain zeroes and it was not even zero terminated! This caused read out of bounds crashes/segfaults. Since the lib/strdup.c file no longer is easily shared with the curl tool with this change, it now uses its own version instead. Bug: http://curl.haxx.se/docs/adv_20141105.html CVE: CVE-2014-3707 Reported-By: Symeon Paraschoudis
2014-11-04SSL: PolarSSL default min SSL version TLS 1.0Jay Satiro
- Prior to this change no SSL minimum version was set by default at runtime for PolarSSL. Therefore in most cases PolarSSL would probably have defaulted to a minimum version of SSLv3 which is no longer secure.